ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 55
Which of the following is a characteristic of an internal audit?

A. An internal audit is typically shorter in duration than an external audit.
B. The internal audit schedule is published to the organization well in advance.
C. The internal auditor reports to the Information Technology (IT) department.
D. Management is responsible for reading and acting upon the internal audit results.

Suggested answer: D

Which of the following is a responsibility of a data steward?

A. Ensure alignment of the data governance effort to the organization.
B. Conduct data governance interviews with the organization.
C. Document data governance requirements.
D. Ensure that data decisions and impacts are communicated to the organization.

Suggested answer: A

What is the MAIN goal of information security awareness and training?

A. To inform users of the latest malware threats
B. To inform users of information assurance responsibilities
C. To comply with the organization's information security policy
D. To prepare students for certification

Suggested answer: B

Proven application security principles include which of the following?

A. Minimizing attack surface area
B. Hardening the network perimeter
C. Accepting infrastructure security controls
D. Developing independent modules

Suggested answer: A

When developing a business case for updating a security program, the security program owner MUST do which of the following?

A. Identify relevant metrics
B. Prepare performance test reports
C. Obtain resources for the security program
D. Interview executive management

Suggested answer: A

From a security perspective, which of the following assumptions MUST be made about input to an application?

A. It is tested
B. It is logged
C. It is verified
D. It is untrusted

Suggested answer: D
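The "input is untrusted" assumption is what separates a path-traversal hole from a safe file handler. The following is an added example, not part of the practice test: a naive handler that joins a caller-supplied file name onto a document root sits beside a hardened one that allowlists the name, canonicalizes the path, and confirms it still lives under the root, plus the same discipline applied to a numeric field. The directory layout, file names and contents are constructed at run time for the example and are not drawn from the page.

```python
import re
import tempfile
from pathlib import Path

# Constructed sample document root so the example runs offline: one file the
# application is meant to serve (public/report.txt) and one it must never
# expose (secret.txt, one directory above the public root).
ROOT = Path(tempfile.mkdtemp(prefix="untrusted-input-"))
PUBLIC = ROOT / "public"
PUBLIC.mkdir()
(PUBLIC / "report.txt").write_text("quarterly report\n")
(ROOT / "secret.txt").write_text("db password\n")


def read_file_naive(name: str) -> str:
    """Treats the caller-supplied name as trusted: a plain join.

    "../secret.txt" walks out of PUBLIC, and an absolute name such as
    "/etc/passwd" replaces PUBLIC entirely (pathlib drops the left operand).
    """
    return (PUBLIC / name).read_text()


# Allowlist for the one shape of name this handler legitimately needs.
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.txt")


def read_file_hardened(name: str) -> str:
    """Assumes the name is hostile: allowlist first, then canonicalize and
    confirm the resolved path is still under the public root."""
    if not isinstance(name, str) or not SAFE_NAME.fullmatch(name):
        raise ValueError("name fails allowlist")
    target = (PUBLIC / name).resolve()          # collapses '..' and symlinks
    if PUBLIC.resolve() not in target.parents:  # defence in depth behind the regex
        raise ValueError("path escapes public root")
    return target.read_text()


def parse_page_size(raw: str, lo: int = 1, hi: int = 100) -> int:
    """Same discipline for a numeric field: accept only plain ASCII decimal
    digits, then range-check. Calling int() on the raw input directly would
    also accept " 5", "+5", "5_0" and non-ASCII digits such as "٥"."""
    if not re.fullmatch(r"[0-9]{1,3}", raw):
        raise ValueError("not a plain decimal integer")
    value = int(raw)
    if not lo <= value <= hi:
        raise ValueError("out of range")
    return value


def attempt(handler, arg):
    """Run a handler on untrusted input and report the outcome as data."""
    try:
        return ("ok", handler(arg))
    except (ValueError, OSError) as exc:
        return ("rejected", type(exc).__name__)


if __name__ == "__main__":
    for name in ("report.txt", "../secret.txt", "/etc/passwd"):
        print(f"naive    {name!r}: {attempt(read_file_naive, name)}")
        print(f"hardened {name!r}: {attempt(read_file_hardened, name)}")
    for raw in ("50", "0", "1e9", "5; DROP TABLE users"):
        print(f"page size {raw!r}: {attempt(parse_page_size, raw)}")
```

The order matters: the allowlist rejects almost everything hostile before any filesystem call, and the `resolve()` containment check catches what a later regex edit might let through (for example a symlink planted inside the public root).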

Which of the following is the BEST reason for writing an information security policy?

A. To support information security governance
B. To reduce the number of audit findings
C. To deter attackers
D. To implement effective information security controls

Suggested answer: A

What is the PRIMARY goal of fault tolerance?

A. Elimination of single points of failure
B. Isolation using a sandbox
C. Single point of repair
D. Containment to prevent propagation

Suggested answer: A

Which of the following is the BEST internationally recognized standard for evaluating security products and systems?

A. Payment Card Industry Data Security Standard (PCI DSS)
B. Common Criteria (CC)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Sarbanes-Oxley (SOX)

Suggested answer: B

Which one of the following data integrity models assumes a lattice of integrity levels?

A. Take-Grant
B. Biba
C. Harrison-Ruzzo-Ullman
D. Bell-LaPadula

Suggested answer: B
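Biba's lattice is easiest to see in code. The following is an added example, not part of the practice test: integrity labels are a level plus a set of categories, ordered by "higher-or-equal level and a superset of categories", with join and meet defined so the labels form a lattice; the simple integrity property (no read down), the *-integrity property (no write up) and the invocation property are then one-line checks over that order. The level names and the payroll/hr categories are constructed for the example.

```python
from dataclasses import dataclass
from typing import FrozenSet

# Constructed integrity hierarchy, lowest to highest. Only the ordering
# matters to the model; the names are illustrative.
LEVELS = {"untrusted": 0, "user": 1, "system": 2, "kernel": 3}


@dataclass(frozen=True)
class Label:
    """An integrity label: a level plus a set of categories (compartments)."""
    level: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """Lattice order: higher-or-equal level AND a superset of categories.
        Two labels where neither dominates the other are incomparable."""
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.categories >= other.categories)


def label(level: str, *categories: str) -> Label:
    return Label(level, frozenset(categories))


def join(a: Label, b: Label) -> Label:
    """Least upper bound: the higher level, union of categories."""
    top = max(a.level, b.level, key=LEVELS.__getitem__)
    return Label(top, a.categories | b.categories)


def meet(a: Label, b: Label) -> Label:
    """Greatest lower bound: the lower level, intersection of categories."""
    bottom = min(a.level, b.level, key=LEVELS.__getitem__)
    return Label(bottom, a.categories & b.categories)


def can_read(subject: Label, obj: Label) -> bool:
    """Simple integrity property ("no read down"): the object's integrity must
    dominate the subject's, so lower-integrity data cannot flow into it."""
    return obj.dominates(subject)


def can_write(subject: Label, obj: Label) -> bool:
    """*-integrity property ("no write up"): the subject's integrity must
    dominate the object's, so it cannot contaminate higher-integrity data."""
    return subject.dominates(obj)


def can_invoke(caller: Label, callee: Label) -> bool:
    """Invocation property: a subject may only invoke subjects it dominates."""
    return caller.dominates(callee)


if __name__ == "__main__":
    svc = label("user", "payroll")
    for name, obj in [("signed config", label("system", "payroll", "hr")),
                      ("download", label("untrusted")),
                      ("hr report", label("user", "hr"))]:
        print(f"{name:13} read={can_read(svc, obj)!s:5} write={can_write(svc, obj)}")
```

Run with a `user`/`payroll` service as the subject: it may read the higher-integrity signed configuration but not modify it, may overwrite an untrusted download but not read it, and can do neither with the `hr` report because the two labels are incomparable in the lattice. That last case is the point of the question: Biba is a lattice model, not a single total order of levels.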